Email “phishing” and other fraudulent and/or malicious activities are increasingly problematic in online environments. In order to mitigate such activity, a number of strategies have been implemented. For example, increasingly complex password or login routines are now commonplace, where the user must enter a number of different pieces of information to gain access to their email account or other online account. Alternatively, it is not uncommon for users to have multiple accounts to attempt to mitigate their exposure to online fraud.
However, known methods suffer from a number of drawbacks. Users generally dislike the inconvenience and effort of changing online accounts or managing multiple accounts. Further, there is evidence that increasingly complex password rules encourage users to re-use passwords across multiple accounts, significantly increasing the exposure of those accounts to online fraud and malicious activities should a password be obtained by a fraudster.